Answer yes if your organisation has implemented a secure physical perimeter around all of its physical locations. Please provide a Physical Security Policy document (as a PDF file) as evidence or reference a section of a previously provided security policy in the notes.
A secure physical perimeter is designed to deny unwanted access to a site for the protection of people and site assets. A secure physical perimeter can include:
A physical perimeter is the first line of defence to prevent physical site intrusion and acts to deter intruders, or to delay an intrusion to enable other security protocols (such as alarms or a security team response) to be implemented.
A secure physical perimeter can be as simple as secure walls, a locked gate or door, and an alarm and CCTV capability for SMEs with offices in which no client data is stored.
A secure physical perimeter for a data centre that may store a lot of confidential information is much more complex including controls such as man traps.
Your physical security controls will be tested during an information security audit or review, and any gaps in your perimeter controls will be highlighted and their remediation recommended. Risk Ledger recommends Genium4 for this service.
If you would like to contribute to this article or provide feedback, please email email@example.com. Contributors will be recognised on our contributors page.